<?php

/**
 * 
 *
 * @version $Id: com.inc.php,v 1.14 2005/01/15 17:04:37 phppc Exp $
 * @copyright 2004 
 **/

$com = $this->fun_sg2var("com");

$com_array = array("show");
if($this->perm_array["news_com"] == 2) array_push($com_array,"new");
if($this->perm_array["com_edit_del"] == 2 OR $this->perm_array["com_edit_del"] == 1) array_push($com_array,"edit","do_edit","del");
$com = $this->uf_form_conf_def($com,$com_array,"show");

if(($this->user_id == 0) AND ($com == "show" OR $com == "new")) {
	$this->uf_field[1] = "user_guest";

	$this->uf_field[2] = "email";
		$this->uf_input[2]["ml"] = 50;
		$this->uf_input[2]["size"] = 20;
}

			
$this->uf_field[3] = "title";
	$this->uf_input[3]["ml"] = 100;
	$this->uf_input[3]["size"] = 20;

$this->uf_field[5] = "bbcode";
	$this->uf_input[5]["type"] = "manually";
	$this->uf_input[5]["no_db"] = 1;

$this->tpl_load("com_bbcode");
$var_array["bbcode"] = $this->tpl_output();
	
$this->uf_field[4] = "content";
	$this->uf_input[4]["type"] = "textarea";
	$this->uf_input[4]["rows"] = 7;
	$this->uf_input[4]["cols"] = 40;
	$this->uf_input[4]["add"] = " onChange=\"wohin(this)\" onclick=\"wohin(this)\" onFocus=\"wohin(this)\"";

$n_tpl['coms'] = "";

$this->module_new_value["action"] = "com";

$allow_coms = 0;
if ($com == "show") {
	$start_attr = $this->fun_getmicrotime();
	list($attr,$news_attr_ids) = $this->fun_get_attr_data(array($this->news_id));
    $valid_id = $this->db_anzahl_zeilen("SELECT news_id FROM ".$this->config["prefix"]."main WHERE news_id = \"$this->news_id\" AND active=\"1\"");
	if ($valid_id == 1) {
		$db_news = $this->db_abfrage_az ($this->main_abfrage . " AND ".$this->config["prefix"]."main.news_id = \"$this->news_id\"");
	    $n_tpl["news"] = $this->news_one($db_news,"com");
	    $this->module_new_value["action"] = "com";
		if($this->db_config["allow_coms"] == 2) $allow_coms = 1;
		elseif($this->db_config["allow_coms"] == 1) $allow_coms = $db_news["allow_coms"];
		if ($allow_coms == 1) {
		    if($this->perm_array["news_com"] == 2) {
				$hidden_array["com"] = "new";
				$hidden_array["news_id"] = $this->news_id;
				$n_tpl['new_com'] = $this->uf_create_complete_form("com_new_com", $hidden_array, "com_submit_button", "form_reset", "complete_form", "uf/", "", $var_array, "com_");
			}
			if ($db_news["anzahl_coms"] >= 1 AND ($this->perm_array["news_com"] == 1 OR $this->perm_array["news_com"] == 2)) {
			    $erg = $this->db_abfrage_q ("SELECT ".$this->config["prefix"]."kom.id AS id,".$this->config["prefix"]."kom.title AS title,".$this->config["prefix"]."kom.content AS content,".$this->config["prefix"]."kom.user_id AS user_id,".$this->config["prefix"]."kom.user_guest AS user_guest,".$this->config["prefix"]."kom.email AS email,".$this->config["prefix"]."kom.time AS time,".$this->config["db_table_user"].".user_name AS user_name FROM ".$this->config["prefix"]."kom LEFT JOIN ".$this->config["db_table_user"]." ON (".$this->config["prefix"]."kom.user_id = ".$this->config["db_table_user"].".id) WHERE news_id = \"$this->news_id\" ORDER BY \"time\" DESC");
				while($nc_com = $this->db_abfrage_fetch($erg)){
					$com_admin = "";
					$com_edit_link = "";
					$nc_com["content"] = stripslashes(nl2br($nc_com["content"]));
					$nc_com["content"] = $this->bbcode_do_code($nc_com["content"]);
					$nc_com["title"] = stripslashes($nc_com["title"]);
					if($nc_com["title"] == "") $nc_com["title"] = "&nbsp;";
					$com_name = stripslashes($nc_com["user_guest"]);
					list ($com_date,$com_time) = $this->fun_tstamp2date($nc_com["time"]);
					if($nc_com["user_id"] != 0) $com_name = stripslashes($nc_com["user_name"]);
					if($this->perm_array["com_edit_del"] == 2 OR ($this->perm_array["com_edit_del"] == 1 AND $nc_com["user_id"] == $this->user_id)) {
						$com_edit_link = $this->fun_make_link("","com=edit&news_id=$this->news_id&com_id=".$nc_com["id"]."");
						$this->tpl_load("com_one_admin");
						$this->tpl_replace_vars(array("com_edit_link" => $com_edit_link,"com_id" => $nc_com["id"]));
						$com_admin = $this->tpl_output();
					}
					$this->tpl_load("com_one");
					$this->tpl_replace_vars(array("com_title" => $nc_com['title'],"com_date" => $com_date, "com_time" => $com_time,"com_name" => $com_name, "com_content" => $nc_com['content'], "com_admin" => $com_admin));
					$n_tpl['coms'] .= $this->tpl_output();
				} // while
			}elseif ($this->perm_array["news_com"] == 0) $this->message_red = 52;
			else $this->message_red[] = 51;
		}
		unset($hidden_array,$hidden_fields);
		$hidden_array["com"] = "del";
		$hidden_array["news_id"] = $this->news_id;
		$hidden_fields = $this->uf_create_hidden_form($hidden_array);
		$this->tpl_load("com");
		$this->tpl_replace_vars(array("news_one" => $n_tpl["news"], "new_com" => $n_tpl["new_com"], "hidden_fields" => $hidden_fields, "coms" => $n_tpl["coms"]));
		$nc_main = $this->tpl_output();
	}else $this->message_red[] = 50;
}elseif ($com == "new") {
	if($this->perm_array["news_com"] == 2) {
		list($input_array,$abfrage1,$abfrage2) = $this->uf_create_array_conf("insert","");
		$valid_input = $this->uf_form_conf($input_array);
		if ($valid_input == 1) {
		    $erg = $this->db_abfrage_q ("INSERT ".$this->config["prefix"]."kom (news_id,user_id,time,ip,".$abfrage1.") VALUES (\"$this->news_id\",\"".$this->user_id."\",\"".$this->config["aktuelle_zeit"]."\",\"".$this->config["ip"]."\",".$abfrage2.")");
			if ($erg) {
				$this->db_abfrage_q ("UPDATE ".$this->config["prefix"]."main SET anzahl_coms=anzahl_coms+1 WHERE news_id = \"$this->news_id\"");
				$this->message_green[] = 101;
				$this->w_leitung["url"] = $this->fun_make_link("","news_id=$this->news_id");
				$this->w_leitung["number"] = 11;
			}
		}else {
			$this->message_red[] = 1;
			$this->w_leitung["number"] = 1;
		}
	}else $this->message_red[] = 53;	
}elseif($com == "edit") {
	$_GET = $this->uf_secure($_GET);
	$db_com = $this->db_abfrage_az("SELECT ".$this->config["prefix"]."kom.id AS id,".$this->config["prefix"]."kom.title AS title,".$this->config["prefix"]."kom.content AS content,".$this->config["prefix"]."kom.user_id AS user_id,".$this->config["prefix"]."kom.user_guest AS user_guest,".$this->config["prefix"]."kom.email AS email,".$this->config["prefix"]."kom.time AS time,".$this->config["db_table_user"].".user_name AS user_name FROM ".$this->config["prefix"]."kom LEFT JOIN ".$this->config["db_table_user"]." ON (".$this->config["prefix"]."kom.user_id = ".$this->config["db_table_user"].".id) WHERE ".$this->config["prefix"]."kom.news_id = \"".$this->news_id."\" AND ".$this->config["prefix"]."kom.id = \"".$_GET["com_id"]."\"");
	if($this->perm_array["com_edit_del"] == 2 OR ($this->perm_array["com_edit_del"] == 1 AND $db_com["user_id"] == $user_id)) {
		$hidden_array = array("com" => "do_edit", "news_id" => $this->news_id, "com_id" => $_GET["com_id"]);
		$this->module_new_value["action"] = "com";
		$nc_main = $this->uf_create_complete_form("com_edit_title", $hidden_array, "com_edit_submit_button", "form_reset", "complete_form", "uf/", "", array_merge($var_array,$db_com), "com_");
	}else $this->message_red[] = 54;
}elseif($com == "do_edit") {
	$db_com = $this->db_abfrage_az("SELECT ".$this->config["prefix"]."kom.id AS id,".$this->config["prefix"]."kom.title AS title,".$this->config["prefix"]."kom.content AS content,".$this->config["prefix"]."kom.user_id AS user_id,".$this->config["prefix"]."kom.user_guest AS user_guest,".$this->config["prefix"]."kom.email AS email,".$this->config["prefix"]."kom.time AS time,".$this->config["db_table_user"].".user_name AS user_name FROM ".$this->config["prefix"]."kom LEFT JOIN ".$this->config["db_table_user"]." ON (".$this->config["prefix"]."kom.user_id = ".$this->config["db_table_user"].".id) WHERE news_id = \"".$this->news_id."\"");
	if($this->perm_array["com_edit_del"] == 2 OR ($this->perm_array["com_edit_del"] == 1 AND $db_com["user_id"] == $user_id)) {
		list($input_array,$abfrage) = $this->uf_create_array_conf("update");
		if($this->db_abfrage_q("UPDATE ".$this->config["prefix"]."kom SET $abfrage WHERE news_id=\"".$_POST["news_id"]."\" AND id=\"".$_POST["com_id"]."\"")) {			
			$this->message_green[] = 102;
			$this->w_leitung["url"] = $this->fun_make_link("","com=show&news_id=".$_POST["news_id"]."");
			$this->w_leitung["number"] = 11;
		}
	}
}elseif($com == "del") {
	$this->w_leitung["url"] = $this->fun_make_link("","com=show&news_id=$this->news_id");
	if(isset($_POST["del_com"])) {
		$del_array = array();
		$this->anzahl = 0;
		foreach($_POST["del_com"] as $com_id) {
			array_push($del_array, $com_id);
			$this->anzahl++;
		}
		$where_part_one = $this->uf_create_where_part($del_array,$this->config["prefix"]."kom.id");
		$erg = $this->db_abfrage_q("SELECT ".$this->config["prefix"]."kom.id AS id,".$this->config["prefix"]."kom.title AS title,".$this->config["prefix"]."kom.content AS content,".$this->config["prefix"]."kom.user_id AS user_id,".$this->config["prefix"]."kom.user_guest AS user_guest,".$this->config["prefix"]."kom.email AS email,".$this->config["prefix"]."kom.time AS time,".$this->config["db_table_user"].".user_name AS user_name, ".$this->config["prefix"]."main.anzahl_coms AS anzahl_coms FROM ".$this->config["prefix"]."kom LEFT JOIN ".$this->config["db_table_user"]." ON (".$this->config["prefix"]."kom.user_id = ".$this->config["db_table_user"].".id) LEFT JOIN ".$this->config["prefix"]."main ON(".$this->config["prefix"]."kom.news_id=".$this->config["prefix"]."main.news_id) WHERE ".$this->config["prefix"]."kom.news_id = \"".$this->news_id."\" AND ($where_part_one)");
		unset($del_array);
		$del_array = array();
		$this->anzahl_del = 0;
		while($nc_com = $this->db_abfrage_fetch($erg)){
			if($this->perm_array["com_edit_del"] == 2 OR ($this->perm_array["com_edit_del"] == 1 AND $nc_com["user_id"] == $user_id)) {
				array_push($del_array,$nc_com["id"]);
				$this->anzahl_del++;
			}
			$anzahl_coms = $nc_com["anzahl_coms"];
		} // while
		if ($this->anzahl_del >= 1) {
		    $where_part_two = $this->uf_create_where_part($del_array);
			$this->db_abfrage_q("DELETE FROM ".$this->config["prefix"]."kom WHERE $where_part_two");
			$new_anzahl_coms = $anzahl_coms - $this->anzahl_del;
			$this->db_abfrage_q("UPDATE ".$this->config["prefix"]."main SET anzahl_coms=\"$new_anzahl_coms\" WHERE news_id=\"$this->news_id\"");
			$this->message_green[] = 103;
		}else {
			$this->message_red[] = 55;
			$this->w_leitung["url"] = "";
		}
	}else $this->message_red[] = 56;
	$this->w_leitung["number"] = 11;
}
?>